From the drop-down list for Security Mechanism, select SAML Authorization
over SSL.

Click the Keystore button to provide your keystore with the alias
identifying the service certificate and private key. To do this, click the
Load Aliases button and select xws-security-server, then
click OK to close the dialog.

For this example, the Truststore information that you need is
specified by default, so there is no need to change these settings.

Click OK to exit the WSIT Configuration editor.

A new file is added to the project. To view the WSIT configuration
file, expand Web Pages->WEB-INF, then double-click the file wsit-org.me.calculator.CalculatorWS.xml. This file contains the sc:KeyStore and sc:Truststore elements.

To require the service to use SSL, you have to specify the security
requirements in the service’s application deployment descriptor, which
is web.xml for a web service implemented as a servlet.
To specify the security information, follow these steps:

From your web service application expand Web Pages->WEB-INF.

Double-click web.xml to open it in the editor.

Select the Security tab.

On the Security Constraints line, click Add Security Constraint.

Under Web Resource Collection, click Add.

Type a Name for the Resource, CalcWebResource.
Type the URL Pattern to be protected, /*. Select which
HTTP Methods to protect, for example, POST. Click OK to close this dialog.

Check the Enable User Data Constraint box. Select CONFIDENTIAL
as the Transport Guarantee to specify that the application uses SSL.